A computer network is typically comprised of the computer itself (comprised of a central processing unit (CPU), memory, etc.) in combination with mass data storage devices such as tape or disk systems, a multiplicity of input/output (I/O) devices such as line printers and remote video display terminals or workstations (cathode ray tubes for output and typewriter-type keyboards for input), and operating and applications software.
Many computer networks are configured to include the computer and its data storage devices in a central location with the I/O devices at various remote locations near the people who have need to access the computer and its stored information. The I/O devices in such networks are typically connected to the computer and its data storage devices (the terms "computer system" and "system" as used hereinafter refer to the computer and its data storage devices collectively) by ordinary telephone lines. The use of telephone lines allows easy and flexible access to the computer system; wherever there is a telephone, computer system access is possible. However, the use of telephone lines to facilitate computer system access also creates the potential for unauthorized computer system access.
Often, a computer system is used to store and manipulate secret or confidential information. Such information can, for example, take the form of trade secrets, commercial marketing information, or sensitive governmental or military information. Quite naturally, the owners of such computer systems containing secret or confidential information are concerned about the maintenance of computer system security. Since the computer and its data storage devices are often kept in a secure area, the greatest threat to system security is unauthorized system access from remote locations (that is, locations spatially removed from the area securing the computer and its data storage devices), either within or without the defined boundaries of the computer network, such as any location with telephone service.
Since users of remote I/O devices can gain access to computer systems by as simple a means as the dialing of a telephone number, computer system owners and those charged with system security have devised several schemes that inhibit unauthorized and illegal access.
One such scheme involves the elimination of telephone line use entirely. That is, an I/O device at a remote location (for example, at a user's desk or home) is connected to the computer system by a communications circuit dedicated to private computer system usage. This scheme eliminates the possibility of unauthorized telephone access but fails to account for the possibility of an unauthorized user located at an authorized remote location. Additionally, this scheme proves quite expensive to establish and maintain while failing to offer the flexibility of commercial telephone communications circuits.
Another security scheme involves the use of personal identification codes (PICs) or passwords. A PIC is a string of alphanumeric characters that is presumed to be known only to an authorized user of the computer system. With this scheme, anyone attempting to access the computer system must enter (i.e., supply to the computer system) a PIC so the computer system will be able to recognize that person as an authorized user. The security afforded by this scheme is predicated on a computer system's storage of valid PICs. The PIC scheme, however, fails to completely address the problem of unauthorized commercial telephone line computer system access. Unauthorized users employing brute force trial-and-error can, from a remote I/O device, uncover valid PICs. Authorized users, who are often left to select their own PICs, tend to select simple easy-to-remember character strings: usually words. Unfortunately, such PICs are relatively easy to uncover through educated guessing. Consequently, while the PIC scheme affords some protection, it is far from a panacea.
Another security scheme that has been developed would be properly referred to as Telephone Authorization (TA). With TA, security is predicated on access from an authorized telephone (and is not predicated on the authorization of the user). One TA scheme employs direct-dial telephone access to a special interface between the prospective user's telephone and the computer system. The interface answers a given call to the computer system and receives from the prospective user a special code, signaled from the prospective user's telephone keypad, identifying the telephone of the prospective user. At this point, the prospective user hangs up and the special interface determines whether the transmitted code identifies an authorized telephone. If the code received from the prospective user does in fact identify an authorized telephone, the interface dials the telephone number of the authorized telephone for the ultimate purpose of allowing computer system access. The user answers and uses the telephone connection in the normal manner well known in the art to achieve remote computer system access. The first problem with TA lies in the simplicity of its telephone identification code. Since the code must be entered by a prospective user, it cannot be so complex that it is difficult to remember or dial. Consequently, it is not difficult for a prospective unauthorized user, at the authorized telephone's location, to determine such code through the brute-force technique discussed above. In addition, TA both requires the presence of a telephone handset at each remote location and takes the time to make and receive two telephone calls. Furthermore, TA fails to account for the possibility of phone line rerouting.
For further background on the problems associated with computer security and on the prior art, see Gillard and Smith, "Computer Crime: A Growing Threat", BYTE, October, 1983 at page 398.
Consequently, with the limitations of the present state of the art in mind, it is an object of the present invention to provide a system for secure computer system access.
It is also an object of the present invention to provide a system for secure computer system access that preserves the desirable use of telephone line remote I/O device access.
It is a further object of the present invention to provide a system for secure computer system access that preserves the desirable use of telephone line remote I/O device access while eliminating the inadequacies of current PIC or TA security schemes.
Still other and further objects of the present invention will be apparent to those skilled in the art from the description of the present invention provided herein.